Browser in the Box

The Virtual Environment for secured and comfortable Web Browsing

Browsing the Internet has become an absolutely necessary tool in today’s work environments. Collecting information cannot be thought of without using the web. At the same time our computers are processing confidential and critical information like personal or company internal data. The huge benefit of the Internet comes along with constantly changing threats. The development of browser versions in the past years can be understood - besides all functional progresses - as a constant race in the battle against various attack scenarios.

Latest since the Internet has become active with the evolvement of “Web 2.0” the balance between threats and benefits has been lost. “Active content” has become a standard part on modern web sites. Actual websites are more and more indistinguishable from full blown native applications. Programming interfaces like JavaScript, Java, ActiveX or VBScript provide means for accessing the computer and its resources like its file system or webcam. Trojan horses and viruses can abuse such powerful tools e.g. to steal confidential data. Companies and authorities alike are facing a dilemma: to limit the use of the Internet substantially or to find a way of living with existing threats.

Single user version freely available for private persons

The virtual surf environment "Browser in the Box" has initially been developed by Sirrix on behalf of the German Federal Office for Information Security for use by all federal authorities. Now the solution is open for anyone and enables users to surf the Internet with confidence - even when using most modern and comfortable web technologies without limitation despite otherwise usual advice.

On the basis of a “Browser-in-the-Box” concept a virtual machine is provided with a reduced operating system and a web browser encapsulated therein. Malware cannot thus penetrate the host operating system; a potential damage in the separated virtual machine will vanish with each start of the browser by returning to a certified starting point. All of that is fully transparent to the user.

Protection against malware and data Leakage

In contrast to simple sandboxing methods provided by standard browsers "Browser in the Box" isolates all activities of the browser completely from the host operating system. Merely a single shared folder within the host is made accessible for a separate user account. This folder stores all persistent configuration data like favorites of the browser. Equally all downloaded files are initially stored in this folder and are only forwarded into the normal user accessible download folder after a malware scan.

Besides this extensive protection of the host system against any attacks from the Internet, "Browser in the Box" reliably prevents any uploads of files into the Internet. Hence, the confidentiality of critical company or authority information is not already jeopardized by simply providing Internet access to its employees.

"Browser in the Box" provides a cost efficient and carefree surf environment without any limitation in comfort. The expensive and complex usage of dedicated terminal servers as an alternative for secure surfing can be avoided. The performance impact is minimal for today’s computer architectures.